Enabling API Access to the Authorization Extension

Versionv2

Once configured and set up, your extension should contain users, as well as groups, roles, and permissions. You can automate provisioning and query the authorization context of your users in real-time if you enable API access to your extension.

Enable API Access

To get to API section, click on your Auth0 tenant name on the top right of the Authorization Dashboard. Click API.

On the Settings page, use the toggle to enable API Access.

Once enabled, you'll be able to see or control (within the extension) some of the parameters of the tokens issued by the API. You can control the time to expiration of the token, as well as view the token's audience, issuer, and URL to access the API.

Access the Extension's API

When you enabled API access to the extension, Auth0 automatically created an API for your use in the Dashboard. To access the API, you'll need to create a Machine to Machine Application, which is the entity that interacts with the API itself.

Create the Application

You'll be redirected to the Quick Start page of the Application, where you can customize the living documentation based on the API with which you'll use the Application. Select the API that Auth0 created for your extension (it should be called auth0-authorization-extension-api or similar).

Since this is the first time you're working with the API and Application together, you'll see a message that says, "This application is not authorized for this API." To authorize the application for use with the API, click Navigate to the API and Authorize.

You'll see a list of Machine to Machine Applications you can use with your API. Click the slider next to the Application you just created to authorize it.

Once you've authorized the Application, you'll see the Grant ID. You can also select the Scopes to be granted to the Application. The scopes you grant depends on the endpoints you want to access. For example, you'd grant read:users to get all users.